how to prevent access directly to my files in php [duplicate]

0
votes

hello everyone how to prevent access directly to my files.

My scenario is :

i have <a href="/book/mybook.pdf" download="/book/mybook.pdf"> when i click on my file gets uploaded, but when i tab www.mysite.com/book/mybook.pdf i can access to the book without authentication.

i want to prevent access directly to my folder /book/* and my download still working.

btw i don't have .htaccess file but i have web.config

1
phpxmlxslt

1 Answers

0
votes

i add filtring to my web.config

 <security>
 
           <requestFiltering>
               <fileExtensions>
                   <add fileExtension=".pdf" allowed="false" />
               </fileExtensions>
           </requestFiltering> 
       </security>

but now i cant download files too :(